package com.example.demo;

import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.sql.*;
import java.util.HashMap;
import java.util.Map;

@RestController

public class DeletePost {
    @PostMapping("/deletePost")//url: 'http://localhost:8080/post/delete'
    public ResponseEntity<Object> DeletePost(@RequestBody Map<String, String> requestBody) {
        String postid = requestBody.get("postid");
        String wxid = requestBody.get("wxid");
        String userid=wxidgetuserid(wxid);
        if(userid.equals(postgetposter(postid))){//判断是否为发布者
            HttpHeaders headers = new HttpHeaders();
            headers.add("Content-Type", "application/json");
            return  new ResponseEntity<>(postdelete(postid), headers, HttpStatus.OK);
        } else if (IsAdmin(userid)) {//判断是否为管理员
            HttpHeaders headers = new HttpHeaders();
            headers.add("Content-Type", "application/json");
            return  new ResponseEntity<>(postdelete(postid), headers, HttpStatus.OK);
        }
        HttpHeaders headers = new HttpHeaders();
        headers.add("Content-Type", "application/json");
        Map<String, Object> data = new HashMap<>();
        data.put("status","FAIL_DENY");
        return  new ResponseEntity<>(data, headers, HttpStatus.OK);

    }
    public static Object postdelete (String postid){
        Connection con;
        Map<String, Object> data = new HashMap<>();
        try {
            //注册JDBC驱动程 序
            String driver = "com.mysql.cj.jdbc.Driver";
            String url = "jdbc:mysql://localhost:3306/jidazhidemai";

            // 数据库的用户名与密码，需要根据自己的设置
            String user = "root";
            String password = "gFL123456";
            Class.forName(driver);
            //建立连接
            con = DriverManager.getConnection(url, user, password);
            if (!con.isClosed()) {
                System.out.println("数据库连接成功");
            }

            String sql = "delete from post where postid=?";
            PreparedStatement preparedStatement = con.prepareStatement(sql);
            preparedStatement.setString(1, postid);
            preparedStatement.executeUpdate();
            preparedStatement.close();
            String sql1 = "delete from highlight where postid=?";
            PreparedStatement preparedStatement1 = con.prepareStatement(sql1);
            preparedStatement1.setString(1, postid);
            preparedStatement1.executeUpdate();
            preparedStatement1.close();
            con.close();
            data.put("status", "COMPLETE");
            data.put("postid", postid);
            return data;
        } catch (ClassNotFoundException e) {
            System.out.println("数据库驱动没有安装");

        } catch (SQLException e) {
            e.printStackTrace();
            System.out.println("数据库连接失败");
        }
        data.put("status", "FAIL_NOMATCH");
        return data;
    }
    public String wxidgetuserid (String wxid){
        Connection con;
        Map<String, Object> data = new HashMap<>();
        try {
            String driver = "com.mysql.cj.jdbc.Driver";
            String url = "jdbc:mysql://localhost:3306/jidazhidemai";

            // 数据库的用户名与密码，需要根据自己的设置
            String user = "root";
            String password = "gFL123456";
            Class.forName(driver);
            //注册JDBC驱动程 序
            //建立连接
            con = DriverManager.getConnection(url, user, password);
            if (!con.isClosed()) {
                System.out.println("数据库连接成功");
            }

            //Statement stmt = con.createStatement();
//            String sql = "INSERT INTO tab1 (title,author,submission_date) VALUES ('li','xiao','2020-07028')";
            String sql = " select userid from user where wxid=?;";
            PreparedStatement preparedStatement = con.prepareStatement(sql);
            preparedStatement.setString(1, wxid);
            ResultSet rs = preparedStatement.executeQuery();
            String userid = "false-出错了";
            if (rs.next()) {
                userid = rs.getString("userid");
            }
            con.close();
            return userid;

        } catch (ClassNotFoundException e) {
            System.out.println("数据库驱动没有安装");

        } catch (SQLException e) {
            e.printStackTrace();
            System.out.println("数据库连接失败");
        }
        return "false-出错了";
    }
    public String postgetposter (String postid){
        Connection con;
        Map<String, Object> data = new HashMap<>();
        try {
            String driver = "com.mysql.cj.jdbc.Driver";
            String url = "jdbc:mysql://localhost:3306/jidazhidemai";

            // 数据库的用户名与密码，需要根据自己的设置
            String user = "root";
            String password = "gFL123456";
            Class.forName(driver);
            //注册JDBC驱动程 序
            //建立连接
            con = DriverManager.getConnection(url, user, password);
            if (!con.isClosed()) {
                System.out.println("数据库连接成功");
            }

            //Statement stmt = con.createStatement();
//            String sql = "INSERT INTO tab1 (title,author,submission_date) VALUES ('li','xiao','2020-07028')";
            String sql = " select posterid from post where postid=?;";
            PreparedStatement preparedStatement = con.prepareStatement(sql);
            preparedStatement.setString(1, postid);
            ResultSet rs = preparedStatement.executeQuery();
            String posterid = "0";
            if (rs.next()) {
                posterid = rs.getString("posterid");

            }
            con.close();
            return posterid;

        } catch (ClassNotFoundException e) {
            System.out.println("数据库驱动没有安装");

        } catch (SQLException e) {
            e.printStackTrace();
            System.out.println("数据库连接失败");
        }
        return "false-出错了";
    }
    public boolean IsAdmin (String userid){
        Connection con;
        try {
            //注册JDBC驱动程 序
            String driver = "com.mysql.cj.jdbc.Driver";
            String url = "jdbc:mysql://localhost:3306/jidazhidemai";

            // 数据库的用户名与密码，需要根据自己的设置
            String user = "root";
            String password = "gFL123456";
            Class.forName(driver);
            //建立连接
            con = DriverManager.getConnection(url, user, password);
            if (!con.isClosed()) {
                System.out.println("数据库连接成功");
            }

            String sql = "select * from admin where userid=? limit 1";
            PreparedStatement preparedStatement = con.prepareStatement(sql);
            preparedStatement.setString(1, userid);
            ResultSet rs = preparedStatement.executeQuery();
            while (rs.next()) {
                return true;
            }
            con.close();

        } catch (ClassNotFoundException e) {
            System.out.println("数据库驱动没有安装");

        } catch (SQLException e) {
            e.printStackTrace();
            System.out.println("数据库连接失败");
        }
        return false;
    }
}
